Authentication Based on Biometric Identification Parameter of an Individual for Payment Transaction

ABSTRACT

Provided is a computer-implemented method for authenticating a customer during payment transactions based on biometric identification parameters of the customer that includes receiving image data associated with an image template for identification of a customer, receiving image data associated with an image of a biometric identification parameter of the customer during a payment transaction between the customer and a merchant, establishing a short-range communication connection with a user device associated with the customer during the payment transaction between the customer and the merchant, authenticating an identity of the customer for the payment transaction via the short-range communication connection, determining an account identifier of an account of the customer based on authenticating the identity of the customer for the payment transaction, and processing the payment transaction using the account identifier of the account of the customer. A system and computer program product are also disclosed.

CROSS REFERENCE TO RELATED APPLICATIONS

This application is a continuation application of U.S. patentapplication Ser. No. 17/551,492, filed Dec. 15, 2021, which is acontinuation application of U.S. patent application Ser. No. 16/245,316,filed Jan. 11, 2019, now issued as U.S. Pat. No. 11,232,450, whichclaims priority to U.S. Provisional Patent Application No. 62/616,484,filed Jan. 12, 2018, which are incorporated herein by reference in theirentirety.

BACKGROUND 1. Technical Field

This present disclosure relates generally to authenticating anindividual during a payment transaction and, in one particularembodiment, to a method, system, and computer program product forauthenticating an individual during a payment transaction based on abiometric identification parameter of the individual.

2. Technical Considerations

A digital wallet may include an application on an electronic device(e.g., a smartphone) that allows a customer (e.g., a user, anindividual, and/or the like) to conduct an electronic paymenttransaction. For example, an electronic payment transaction made using adigital wallet may include an online payment transaction (e.g., a cardnot present transaction) conducted by the customer involving items viathe Internet with a computer and/or an in-store payment transaction(e.g., a card present payment transaction) conducted by the customerusing a mobile device, such as a smartphone, with a credential (e.g.,information associated with the account of the customer stored on thesmartphone) to purchase an item at a merchant location (e.g., a store)of a merchant. The account (e.g., a credit account, a debit account,and/or the like) of the customer may be linked to the digital wallet andthe credential associated with the account may be passed to apoint-of-sale (POS) device (e.g., a POS terminal) of the merchantwirelessly via near-field communication (NFC).

However, the customer may still be required to present the mobile devicewithin a short distance (e.g., a distance that is the maximum distancerequired to communicate via an NFC communication connection) of a POSdevice to authenticate the customer and conduct a payment transaction atthe merchant location via NFC. For example, the customer may be requiredthe remove the mobile device from their pocket and may be required topresent the electronic device at a predetermined distance away from thePOS device to conduct the payment transaction via NFC. In such anexample, the time required for the customer to present the electronicdevice may require an amount of time that is undesirable to the customerand/or undesirable to other individuals at the merchant location thatare also attempting to conduct payment transactions. In addition, thecustomer and/or other individuals may forego conducting a paymenttransaction at the merchant location based on the amount of timerequired for the user to present the electronic device.

SUMMARY

Accordingly, systems, devices, products, apparatuses, and/or methods forauthenticating an individual during a payment transaction based on abiometric identification parameter of the individual are disclosed thatovercome some or all of the deficiencies of the prior art.

According to a non-limiting embodiment, provided is acomputer-implemented method for authenticating an individual during apayment transaction based on a biometric identification parameter of theindividual. The method comprises receiving, with at least one processor,image data associated with an image template for identification of acustomer, receiving, with at least one processor, image data associatedwith an image of a biometric identification parameter of the customerduring a payment transaction between the customer and a merchant,establishing, with at least one processor, a short-range communicationconnection with a user device associated with the customer during thepayment transaction between the customer and the merchant,authenticating, with at least one processor, an identity of the customerfor the payment transaction via the short-range communicationconnection, wherein authenticating comprises: determining whether theimage of the biometric identification parameter of the customercorresponds to the image template for identification of the customer,determining, with at least one processor, an account identifier of anaccount of the customer based on authenticating the identity of thecustomer for the payment transaction, and processing, by at least oneprocessor, the payment transaction using the account identifier of theaccount of the customer.

According to another non-limiting embodiment, provided is a system forauthenticating an individual during a payment transaction based on abiometric identification parameter of the individual. The systemcomprises at least one processor programmed or configured to receiveimage data associated with an image template for identification of acustomer, receive image data associated with an image of a biometricidentification parameter of the customer during a payment transactionbetween the customer and a merchant, establish a short-rangecommunication connection with a user device associated with the customerduring the payment transaction between the customer and the merchant,authenticate an identity of the customer for the payment transaction viathe short-range communication connection, determine an accountidentifier of an account of the customer based on authenticating theidentity of the customer for the payment transaction, and process thepayment transaction using the account identifier of the account of thecustomer. Authenticating may include determining whether the image ofthe biometric identification parameter of the customer corresponds tothe image template for identification of the customer.

According to a further non-limiting embodiment, provided is a computerprogram product for authenticating an individual during a paymenttransaction based on a biometric identification parameter of theindividual. The computer program product comprises at least onenon-transitory computer-readable medium including one or moreinstructions that, when executed by at least one processor, cause the atleast one processor to receive image data associated with an imagetemplate for identification of a customer, receive image data associatedwith an image of a biometric identification parameter of the customerduring a payment transaction between the customer and a merchant,establish a short-range communication connection with a user deviceassociated with the customer during the payment transaction between thecustomer and the merchant, authenticate an identity of the customer forthe payment transaction via the short-range communication connection,determine an account identifier of an account of the customer based onauthenticating the identity of the customer for the payment transaction,and process the payment transaction using the account identifier of theaccount of the customer. Authentication may comprise determining whetherthe image of the biometric identification parameter of the customercorresponds to the image template for identification of the customer.

Further embodiments or aspects are set forth in the following numberedclauses:

Clause 1: A computer-implemented method for authenticating a customerduring a payment transaction based on a biometric identificationparameter of the customer comprising: receiving, with at least oneprocessor, image data associated with an image template foridentification of a customer; receiving, with at least one processor,image data associated with an image of a biometric identificationparameter of the customer during a payment transaction between thecustomer and a merchant; establishing, with at least one processor, ashort-range communication connection with a user device associated withthe customer during the payment transaction between the customer and themerchant; authenticating, with at least one processor, an identity ofthe customer for the payment transaction via the short-rangecommunication connection, wherein authenticating comprises: determiningwhether the image of the biometric identification parameter of thecustomer corresponds to the image template for identification of thecustomer, determining, with at least one processor, an accountidentifier of an account of the customer based on authenticating theidentity of the customer for the payment transaction; and processing, byat least one processor, the payment transaction using the accountidentifier of the account of the customer.

Clause 2: The computer-implemented method according to clause 1, furthercomprising: sending a transaction confirmation message to the userdevice associated with the customer, wherein the transactionconfirmation message includes an indication that the payment transactioninvolving the customer was processed based on processing the paymenttransaction.

Clause 3: The computer-implemented method according to clauses 1 or 2,further comprising: displaying an image associated with a paymentdevice, wherein the payment device is associated with the accountidentifier of the account of the customer based on determining theaccount identifier of the account of the customer; and receiving anindication that the account identifier of the account of the customer isto be used during processing of the payment transaction after displayingthe image associated with the payment device.

Clause 4: The computer-implemented method according to any of clauses1-3, wherein processing the payment transaction comprises: processing,by at least one processor, the payment transaction using the accountidentifier of the account of the customer based on receiving theindication that the account identifier of the account of the customer isto be used during processing of the payment transaction.

Clause 5: The computer-implemented method according to any of clauses1-4, further comprising: sending a payment transaction authorizationrequest message to the user device associated with the customer, whereinthe payment transaction authorization request message comprises atransaction amount of the payment transaction; and receiving a paymenttransaction authorization response message from the user deviceassociated with the customer, wherein the payment transactionauthorization request message comprises authorization data associatedwith an indication that the customer authorizes the transaction amountof the payment transaction.

Clause 6: The computer-implemented method according to any of clauses1-5, further comprising: causing an image of at least a portion of aface of the customer to be captured via an image capture device, whereinreceiving the image data associated with the image of the biometricidentification parameter of the customer comprises: receiving the imageof at least a portion of the face of the customer from the image capturedevice.

Clause 7: The computer-implemented method according to any of clauses1-6, wherein the image data associated with an image template foridentification of the customer comprises encrypted image data associatedwith a facial image template of the customer, and wherein receiving theimage data associated with an image template for identification of thecustomer comprises: receiving the encrypted image data associated withthe facial image template of the customer from the user deviceassociated with the customer, wherein the encrypted image dataassociated with the facial image template of the customer comprises datathat has been encrypted using a homomorphic encryption scheme.

Clause 8: The computer-implemented method according to any of clauses1-7, further comprising: receiving first data associated with a firstdevice identifier of the user device associated with the customer viathe short-range communication connection; storing the first dataassociated with the first device identifier of the user deviceassociated with the customer and the image data associated with theimage template for identification of the customer in a data structure;and receiving second data associated with a second device identifier ofthe user device associated with the customer via the short-rangecommunication connection during the payment transaction, whereinauthenticating the customer for the payment transaction comprises:determining whether the image of the biometric identification parameterof the customer corresponds to the image template for identification ofthe customer; and determining whether the first device identifier of theuser device associated with the customer corresponds to the seconddevice identifier of the user device associated with the customer.

Clause 9: The computer-implemented method according to any of clauses1-8, further comprising: establishing the short-range communicationconnection with the user device associated with the customer based onthe user device associated with the customer being within apredetermined distance of a point-of-sale (POS) device of the merchant.

Clause 10: A system for authenticating a customer during a paymenttransaction based on a biometric identification parameter of thecustomer, the system comprising: at least one processor programmed orconfigured to: receive image data associated with an image template foridentification of a customer; receive image data associated with animage of a biometric identification parameter of the customer during apayment transaction between the customer and a merchant; establish ashort-range communication connection with a user device associated withthe customer during the payment transaction between the customer and themerchant; authenticate an identity of the customer for the paymenttransaction via the short-range communication connection, wherein, whenauthenticating the identity of the customer for the payment transaction,the at least one process is programmed or configured to: determinewhether the image of the biometric identification parameter of thecustomer corresponds to the image template for identification of thecustomer, determine an account identifier of an account of the customerbased on authenticating the identity of the customer for the paymenttransaction; and process the payment transaction using the accountidentifier of the account of the customer.

Clause 11: The system according to clause 10, wherein the at least oneprocessor is further programmed or configured to: send a transactionconfirmation message to the user device associated with the customer,wherein the transaction confirmation message includes an indication thatthe payment transaction involving the customer was processed based onprocessing the payment transaction.

Clause 12: The system according to clauses 10 or 11, wherein the atleast one processor is further programmed or configured to: display animage associated with a payment device, wherein the payment device isassociated with the account identifier of the account of the customerbased on determining the account identifier of the account of thecustomer; and receive an indication that the account identifier of theaccount of the customer is to be used during processing of the paymenttransaction after displaying the image associated with the paymentdevice.

Clause 13: The system according to any of clauses 10-12, wherein the atleast one processor is further programmed or configured to: process thepayment transaction using the account identifier of the account of thecustomer based on receiving the indication that the account identifierof the account of the customer is to be used during processing of thepayment transaction.

Clause 14: The system according to any of clauses 10-13, wherein the atleast one processor is further programmed or configured to: send apayment transaction authorization request message to the user deviceassociated with the customer, wherein the payment transactionauthorization request message comprises a transaction amount of thepayment transaction; and receive a payment transaction authorizationresponse message from the user device associated with the customer,wherein the payment transaction authorization request message comprisesauthorization data associated with an indication that the customerauthorizes the transaction amount of the payment transaction.

Clause 15: The system according to any of clauses 10-14, wherein the atleast one processor is further programmed or configured to: cause animage of at least a portion of a face of the customer to be captured viaan image capture device, wherein, when receiving the image dataassociated with the image of the biometric identification parameter ofthe customer, at least one processor is programmed or configured to:receive the image of at least a portion of the face of the customer fromthe image capture device.

Clause 16: The system according to any of clauses 10-15, wherein theimage data associated with an image template for identification of thecustomer comprises encrypted image data associated with a facial imagetemplate of the customer, and wherein, when receiving the image dataassociated with the image of the biometric identification parameter ofthe customer, at least one processor is programmed or configured to:receive the encrypted image data associated with the facial imagetemplate of the customer from the user device associated with thecustomer, wherein the encrypted image data associated with the facialimage template of the customer comprises data that has been encryptedusing a homomorphic encryption scheme.

Clause 17: The system according to any of clauses 10-16, wherein the atleast one processor is further programmed or configured to: receivefirst data associated with a first device identifier of the user deviceassociated with the customer; store the first data associated with thefirst device identifier of the user device associated with the customerand the image data associated with the image template for identificationof the customer in a data structure; and receive second data associatedwith a second device identifier of the user device associated with thecustomer via the short-range communication connection during the paymenttransaction, wherein, when authenticating the customer for the paymenttransaction, the at least one processor is programmed or configured to:determine whether the image of the biometric identification parameter ofthe customer corresponds to the image template for identification of thecustomer; and determine whether the first device identifier of the userdevice associated with the customer corresponds to the second deviceidentifier of the user device associated with the customer.

Clause 18: The system according to any of clauses 10-17, wherein the atleast one processor is further programmed or configured to: establishthe short-range communication connection with the user device associatedwith the customer based on the user device associated with the customerbeing within a predetermined distance of a point-of-sale (POS) device ofthe merchant.

Clause 19: A computer program product for authenticating a customerduring a payment transaction based on a biometric identificationparameter of the customer, the computer program product comprising atleast one non-transitory computer-readable medium including one or moreinstructions that, when executed by at least one processor, cause the atleast one processor to: receive image data associated with an imagetemplate for identification of a customer; receive image data associatedwith an image of a biometric identification parameter of the customerduring a payment transaction between the customer and a merchant;establish a short-range communication connection with a user deviceassociated with the customer during the payment transaction between thecustomer and the merchant; authenticate an identity of the customer forthe payment transaction via the short-range communication connection,wherein the one or more instructions that cause the at least oneprocessor to authenticate the identity of the customer for the paymenttransaction, cause the at least one processor to: determine whether theimage of the biometric identification parameter of the customercorresponds to the image template for identification of a customer;determine an account identifier of an account of the customer based onauthenticating the identity of the customer for the payment transaction;and process the payment transaction using the account identifier of theaccount of the customer.

Clause 20: The computer program product according to clause 19, whereinthe one or more instructions further cause the at least one processorto: send a transaction confirmation message to the user deviceassociated with the customer, wherein the transaction confirmationmessage includes an indication that the payment transaction involvingthe customer was processed based on processing the payment transaction.

Clause 21: The computer program product according to clauses 19 or 20,wherein the one or more instructions further cause the at least oneprocessor to: display an image associated with a payment device, whereinthe payment device is associated with the account identifier of theaccount of the customer based on determining the account identifier ofthe account of the customer; and receive an indication that the accountidentifier of the account of the customer is to be used duringprocessing of the payment transaction after displaying the imageassociated with the payment device.

Clause 22: The computer program product according to any of clauses19-21, wherein the one or more instructions further cause the at leastone processor to: process the payment transaction using the accountidentifier of the account of the customer based on receiving theindication that the account identifier of the account of the customer isto be used during processing of the payment transaction.

Clause 23: The computer program product according to any of clauses19-22, wherein the one or more instructions further cause the at leastone processor to: send a payment transaction authorization requestmessage to the user device associated with the customer, wherein thepayment transaction authorization request message comprises atransaction amount of the payment transaction; and receive a paymenttransaction authorization response message from the user deviceassociated with the customer, wherein the payment transactionauthorization request message comprises authorization data associatedwith an indication that the customer authorizes the transaction amountof the payment transaction.

Clause 24: The computer program product according to any of clauses19-23, wherein the one or more instructions further cause the at leastone processor to: cause an image of at least a portion of a face of thecustomer to be captured via an image capture device, wherein receivingthe image data associated with the image of the biometric identificationparameter of the customer comprises: receiving the image of at least aportion of the face of the customer from the image capture device.

Clause 25: The computer program product according to any of clauses19-24, wherein the image data associated with an image template foridentification of the customer comprises encrypted image data associatedwith a facial image template of the customer, and wherein receiving theimage data associated with an image template for identification of thecustomer comprises: receiving the encrypted image data associated withthe facial image template of the customer from the user deviceassociated with the customer, wherein the encrypted image dataassociated with the facial image template of the customer comprises datathat has been encrypted using a homomorphic encryption scheme.

Clause 26: The computer program product according to any of clauses19-25, wherein the one or more instructions further cause the at leastone processor to: receive first data associated with a first deviceidentifier of the user device associated with the customer via theshort-range communication connection; store the first data associatedwith the first device identifier of the user device associated with thecustomer and the image data associated with the image template foridentification of the customer in a data structure; and receive seconddata associated with a second device identifier of the user deviceassociated with the customer via the short-range communicationconnection during the payment transaction, wherein authenticating thecustomer for the payment transaction comprises: determining whether theimage of the biometric identification parameter of the customercorresponds to the image template for identification of the customer;and determining whether the first device identifier of the user deviceassociated with the customer corresponds to the second device identifierof the user device associated with the customer.

Clause 27: The computer program product according to any of clauses19-26, wherein the one or more instructions further cause the at leastone processor to: establish the short-range communication connectionwith the user device associated with the customer based on the userdevice associated with the customer being within a predetermineddistance of a POS device of the merchant.

The features and characteristics of the present disclosure, as well asthe methods of operation and functions of the related elements ofstructures and the combination of parts and economies of manufacture,will become more apparent upon consideration of the followingdescription and the appended claims with reference to the accompanyingdrawings, all of which form a part of this specification, wherein likereference numerals designate corresponding parts in the various figures.It is to be expressly understood, however, that the drawings are for thepurpose of illustration and description only and are not intended as adefinition of the limits of the disclosure. As used in the specificationand the claims, the singular form of “a,” “an,” and “the” include pluralreferents unless the context clearly dictates otherwise.

BRIEF DESCRIPTION OF THE DRAWINGS

Additional advantages and details of the disclosure are explained ingreater detail below with reference to the exemplary embodiments thatare illustrated in the accompanying schematic figures, in which:

FIG. 1 is a diagram of a non-limiting embodiment of an environment inwhich systems, devices, products, apparatuses, and/or methods, asdescribed herein, may be implemented;

FIG. 2 is a diagram of a non-limiting embodiment of components of one ormore devices of FIG. 1 ;

FIG. 3 is a flowchart illustrating a non-limiting embodiment of a methodfor authenticating a customer during a payment transaction based on abiometric identification parameter of the customer; and

FIG. 4 is a sequence diagram of a non-limiting embodiment of the processshown in FIG. 3 .

DETAILED DESCRIPTION

For purposes of the description hereinafter, the terms “end,” “upper,”“lower,” “right,” “left,” “vertical,” “horizontal,” “top,” “bottom,”“lateral,” “longitudinal,” and derivatives thereof shall relate to thedisclosure as it is oriented in the drawing figures. However, it is tobe understood that the disclosure may assume various alternativevariations and step sequences, except where expressly specified to thecontrary. It is also to be understood that the specific devices andprocesses illustrated in the attached drawings, and described in thefollowing specification, are simply exemplary embodiments or aspects ofthe disclosure. Hence, specific dimensions and other physicalcharacteristics related to the embodiments or aspects of the embodimentsdisclosed herein are not to be considered as limiting unless otherwiseindicated.

No aspect, component, element, structure, act, step, function,instruction, and/or the like used herein should be construed as criticalor essential unless explicitly described as such. Also, as used herein,the articles “a” and “an” are intended to include one or more items andmay be used interchangeably with “one or more” and “at least one.”Furthermore, as used herein, the term “set” is intended to include oneor more items (e.g., related items, unrelated items, a combination ofrelated and unrelated items, etc.) and may be used interchangeably with“one or more” or “at least one.” Where only one item is intended, theterm “one” or similar language is used. Also, as used herein, the terms“has,” “have,” “having,” or the like are intended to be open-endedterms. Further, the phrase “based on” is intended to mean “based atleast partially on” unless explicitly stated otherwise.

As used herein, the terms “communication” and “communicate” may refer tothe reception, receipt, transmission, transfer, provision, and/or thelike of information (e.g., data, signals, messages, instructions,commands, and/or the like). For one unit (e.g., a device, a system, acomponent of a device or system, combinations thereof, and/or the like)to be in communication with another unit means that the one unit is ableto directly or indirectly receive information from and/or send (e.g.,transmit) information to the other unit. This may refer to a direct orindirect connection that is wired and/or wireless in nature.Additionally, two units may be in communication with each other eventhough the information transmitted may be modified, processed, relayed,and/or routed between the first and second unit. For example, a firstunit may be in communication with a second unit even though the firstunit passively receives information and does not actively sendinformation to the second unit. As another example, a first unit may bein communication with a second unit if at least one intermediary unit(e.g., a third unit located between the first unit and the second unit)processes information received from the first unit and sends theprocessed information to the second unit. In some non-limitingembodiments, a message may refer to a network packet (e.g., a datapacket and/or the like) that includes data.

As used herein, the terms “issuer,” “issuer institution,” “issuer bank,”or “payment device issuer,” may refer to one or more entities thatprovide accounts to individuals (e.g., users, customers, and/or thelike) for conducting payment transactions, such as credit paymenttransactions and/or debit payment transactions. For example, an issuerinstitution may provide an account identifier, such as a primary accountnumber (PAN), to a customer that uniquely identifies one or moreaccounts associated with that customer. In some non-limitingembodiments, an issuer may be associated with a bank identificationnumber (BIN) that uniquely identifies the issuer institution. As usedherein “issuer system” may refer to one or more computer systemsoperated by or on behalf of an issuer, such as a server executing one ormore software applications. For example, an issuer system may includeone or more authorization servers for authorizing a transaction.

As used herein, the term “account identifier” may refer to one or moretypes of identifiers associated with an account (e.g., a PAN associatedwith an account, a card number associated with an account, a paymentcard number associated with an account, a token associated with anaccount, and/or the like). In some non-limiting embodiments, an issuermay provide an account identifier (e.g., a PAN, a token, and/or thelike) to a user (e.g., an accountholder) that uniquely identifies one ormore accounts associated with that user. The account identifier may beembodied on a payment device (e.g., a physical instrument used forconducting payment transactions, such as a payment card, a credit card,a debit card, a gift card, and/or the like) and/or may be electronicinformation communicated to the user that the user may use forelectronic payment transactions. In some non-limiting embodiments, theaccount identifier may be an original account identifier, where theoriginal account identifier was provided to a user at the creation ofthe account associated with the account identifier. In some non-limitingembodiments, the account identifier may be a supplemental accountidentifier, which may include an account identifier that is provided toa user after the original account identifier was provided to the user.For example, if the original account identifier is forgotten, stolen,and/or the like, a supplemental account identifier may be provided tothe user. In some non-limiting embodiments, an account identifier may bedirectly or indirectly associated with an issuer institution such thatan account identifier may be a token that maps to a PAN or other type ofaccount identifier. Account identifiers may be alphanumeric, anycombination of characters and/or symbols, and/or the like.

As used herein, the term “token” may refer to an account identifier thatis used as a substitute or replacement for another account identifier,such as a PAN. Tokens may be associated with a PAN or other originalaccount identifier in one or more data structures (e.g., one or moredatabases and/or the like) such that they may be used to conduct apayment transaction without directly using the original accountidentifier. In some non-limiting embodiments, an original accountidentifier, such as a PAN, may be associated with a plurality of tokensfor different individuals or purposes. In some non-limiting embodiments,tokens may be associated with a PAN or other account identifiers in oneor more data structures such that they can be used to conduct atransaction without directly using the PAN or the other accountidentifiers. In some examples, an account identifier, such as a PAN, maybe associated with a plurality of tokens for different uses or differentpurposes.

As used herein, the term “merchant” may refer to one or more entities(e.g., operators of retail businesses) that provide goods and/orservices, and/or access to goods and/or services, to a user (e.g., acustomer, a consumer, and/or the like) based on a transaction, such as apayment transaction. As used herein “merchant system” may refer to oneor more computer systems operated by or on behalf of a merchant, such asa server executing one or more software applications. As used herein,the term “product” may refer to one or more goods and/or servicesoffered by a merchant.

As used herein, a “point-of-sale (POS) device” may refer to one or moredevices, which may be used by a merchant to conduct a transaction (e.g.,a payment transaction) and/or process a transaction. For example, a POSdevice may include one or more client devices. Additionally oralternatively, a POS device may include peripheral devices, cardreaders, scanning devices (e.g., code scanners), Bluetooth®communication receivers, near-field communication (NFC) receivers, radiofrequency identification (RFID) receivers, and/or other contactlesstransceivers or receivers, contact-based receivers, payment terminals,and/or the like.

As used herein, a “POS system” may refer to one or more client devicesand/or peripheral devices used by a merchant to conduct a transaction.For example, a POS system may include one or more POS devices and/orother like devices that may be used to conduct a payment transaction. Insome non-limiting embodiments, a POS system (e.g., a merchant POSsystem) may include one or more server computers programmed orconfigured to process online payment transactions through webpages,mobile applications, and/or the like.

As used herein, the term “transaction service provider” may refer to anentity that receives transaction authorization requests from merchantsor other entities and provides guarantees of payment, in some casesthrough an agreement between the transaction service provider and anissuer institution. For example, a transaction service provider mayinclude a payment network such as Visa®, MasterCard®, American Express®,or any other entity that processes transactions. As used herein“transaction service provider system” may refer to one or more computersystems operated by or on behalf of a transaction service provider, suchas a transaction service provider system executing one or more softwareapplications. A transaction service provider system may include one ormore processors and, in some non-limiting embodiments, may be operatedby or on behalf of a transaction service provider.

As used herein, the term “acquirer” may refer to an entity licensed bythe transaction service provider and approved by the transaction serviceprovider to originate transactions (e.g., payment transactions)involving a payment device associated with the transaction serviceprovider. As used herein, the term “acquirer system” may also refer toone or more computer systems, computer devices, and/or the like operatedby or on behalf of an acquirer. The transactions the acquirer mayoriginate may include payment transactions (e.g., purchases, originalcredit transactions (OCTs), account funding transactions (AFTs), and/orthe like). In some non-limiting embodiments, the acquirer may beauthorized by the transaction service provider to assign merchant orservice providers to originate transactions involving a payment deviceassociated with the transaction service provider. The acquirer maycontract with payment facilitators to enable the payment facilitators tosponsor merchants. The acquirer may monitor compliance of the paymentfacilitators in accordance with regulations of the transaction serviceprovider. The acquirer may conduct due diligence of the paymentfacilitators and ensure proper due diligence occurs before signing asponsored merchant. The acquirer may be liable for all transactionservice provider programs that the acquirer operates or sponsors. Theacquirer may be responsible for the acts of the acquirer's paymentfacilitators, merchants that are sponsored by the acquirer's paymentfacilitators, and/or the like. In some non-limiting embodiments, anacquirer may be a financial institution, such as a bank.

As used herein, the terms “electronic wallet,” “electronic wallet mobileapplication,” and “digital wallet” may refer to one or more electronicdevices including one or more software applications configured tofacilitate and/or conduct transactions (e.g., payment transactions,electronic payment transactions, and/or the like). For example, anelectronic wallet may include a user device (e.g., a mobile device)executing an application program, server-side software, and/or databasesfor maintaining and providing data to be used during a paymenttransaction to the user device. As used herein, the term “electronicwallet provider” may include an entity that provides and/or maintains anelectronic wallet and/or an electronic wallet mobile application for auser (e.g., a customer). Examples of an electronic wallet providerinclude, but are not limited to, Google Wallet™, Android Pay®, ApplePay®, and Samsung Pay®. In some non-limiting examples, a financialinstitution (e.g., an issuer institution) may be an electronic walletprovider. As used herein, the term “electronic wallet provider system”may refer to one or more computer systems, computer devices, servers,groups of servers, and/or the like operated by or on behalf of anelectronic wallet provider.

As used herein, the term “payment device” may refer to a payment card(e.g., a credit or debit card), a gift card, a smartcard, smart media, apayroll card, a healthcare card, a wristband, a machine-readable mediumcontaining account information, a keychain device or fob, an RFIDtransponder, a retailer discount or loyalty card, and/or the like. Thepayment device may include a volatile or a non-volatile memory to storeinformation (e.g., an account identifier, a name of the account holder,and/or the like).

As used herein, the terms “client” and “client device” may refer to oneor more computing devices, such as processors, storage devices, and/orsimilar computer components, that access a service made available by aserver. In some non-limiting embodiments, a “client device” may refer toone or more devices that facilitate payment transactions, such as POSdevices and/or POS systems used by a merchant. In some non-limitingembodiments, a client device may include an electronic device configuredto communicate with one or more networks and/or facilitate paymenttransactions such as, but not limited to, one or more desktop computers,one or more portable computers (e.g., tablet computers), one or moremobile devices (e.g., cellular phones, smartphones, PDAs, wearabledevices, such as watches, glasses, lenses, and/or clothing, and/or thelike), and/or other like devices. Moreover, a “client” may also refer toan entity, such as a merchant, that owns, utilizes, and/or operates aclient device for facilitating payment transactions with a transactionservice provider.

As used herein, the term “server” may refer to one or more computingdevices, such as processors, storage devices, and/or similar computercomponents, that communicate with client devices and/or other computingdevices over a network, such as the Internet or private networks and, insome examples, facilitate communication among other servers and/orclient devices.

As used herein, the term “system” may refer to one or more computingdevices or combinations of computing devices such as, but not limitedto, processors, servers, client devices, software applications, and/orother like components. In addition, reference to “a server” or “aprocessor,” as used herein, may refer to a previously-recited serverand/or processor that is recited as performing a previous step orfunction, a different server and/or processor, and/or a combination ofservers and/or processors. For example, as used in the specification andthe claims, a first server and/or a first processor that is recited asperforming a first step or function may refer to the same or differentserver and/or a processor recited as performing a second step orfunction.

Non-limiting embodiments of the present disclosure are directed tosystems, devices, products, apparatuses, and/or methods forauthenticating a customer during a payment transaction based on abiometric identification parameter of the customer. According tonon-limiting embodiments of the present disclosure, a customer involvedin a payment transaction may not be required to present the customer'suser device to conduct a payment transaction at a merchant location.Furthermore, an amount of time to conduct a payment transactioninvolving the customer is reduced based on the customer not beingrequired to present the customer's user device or other payment device.In addition, the customer and/or other individuals may conductadditional payment transactions at the merchant location based on thereduced amount of time required to conduct the payment transactioninvolving the customer.

Referring now to FIG. 1 , FIG. 1 is a diagram of an example environment100 in which systems, devices, products, apparatuses, and/or methods,described herein, may be implemented. As shown in FIG. 1 , environment100 includes POS device 102, user device 104, issuer system 106,transaction service provider system 108, merchant system 110, andnetwork 112.

POS device 102 may include one or more devices capable of receivinginformation from and/or sending information to user device 104, issuersystem 106, transaction service provider system 108, and/or merchantsystem 110 via network 112. For example, POS device may include a clientdevice and/or the like. In some non-limiting embodiments, POS device 102may or may not be capable of receiving information (e.g., from userdevice 104) via a short-range communication connection (e.g., ashort-range wireless communication connection, an NFC communicationconnection, an RFID communication connection, a Bluetooth® communicationconnection, a Bluetooth® Low Energy (BLE) communication connection,and/or the like), and/or communicating information (e.g., to user device104) via a short-range communication connection. In some non-limitingembodiments, POS device 102 may include one or more devices capable ofcapturing an image of a biometric identification parameter of thecustomer. For example, POS device 102 may include an image capturedevice, such as a camera (e.g., a digital camera, a mobile devicecamera, and/or the like). In some non-limiting embodiments, functions ofPOS device 102 may be caused by a mobile application (e.g., a mobilepayment application) stored on POS device 102. For example, POS device102 may receive information, determine a result based on information,display information, and/or send information based on the mobileapplication causing POS device 102 to receive the information, determinethe result based on the information, display the information, and/orsend the information. In some non-limiting embodiments, the mobileapplication of POS device 102 may be controlled or operated by an issueror a transaction service provider.

User device 104 may include one or more devices capable of receivinginformation from and/or sending information to POS device 102, issuersystem 106, transaction service provider system 108, and/or merchantsystem 110 via network 112. For example, user device 104 may include aclient device and/or the like. In some non-limiting embodiments, userdevice 104 may or may not be capable of receiving information (e.g.,from merchant system 110) via a short-range communication connection(e.g., a short-range wireless communication connection, an NFCcommunication connection, an RFID communication connection, a Bluetooth®communication connection, a BLE communication connection, and/or thelike), and/or communicating information (e.g., to POS device 102) via ashort-range communication connection. In some non-limiting embodiments,functions of user device 104 may be caused by a mobile application(e.g., a mobile payment application) stored on user device 104. Forexample, user device 104 may receive information, determine a resultbased on information, and/or send information based on the mobileapplication causing user device 104 to receive the information,determine the result based on the information, and/or send theinformation. In some non-limiting embodiments, the mobile application ofuser device 104 may be controlled or operated by an issuer or atransaction service provider.

Issuer system 106 may include one or more devices capable of receivinginformation and/or sending information to POS device 102, user device104, transaction service provider system 108, and/or merchant system 110via network 112. For example, issuer system 106 may include a computingdevice, such as a server, a group of servers, and/or other like devices.In some non-limiting embodiments, issuer system 106 may be associatedwith an issuer institution as described herein. For example, issuersystem 106 may be associated with an issuer institution that issued acredit account, debit account, credit card, debit card, and/or the liketo a user associated with user device 104.

Transaction service provider system 108 may include one or more devicescapable of receiving information from and/or sending information to POSdevice 102, user device 104, issuer system 106, and/or merchant system110 via network 112. For example, transaction service provider system108 may include a computing device, such as a server (e.g., atransaction processing server), a group of servers, and/or other likedevices. In some non-limiting embodiments, transaction service providersystem 108 may be associated with a transaction service provider asdescribed herein.

Merchant system 110 may include one or more devices capable of receivinginformation from and/or sending information to POS device 102, userdevice 104, issuer system 106, and/or transaction service providersystem 108 via network 112. In some non-limiting embodiments, merchantsystem 110 may include a computing device, such as a server, a group ofservers, a client device, a group of client devices, and/or other likedevices. In some non-limiting embodiments, merchant system 110 mayinclude POS device 102. In some non-limiting embodiments, merchantsystem 110 may be associated with a merchant as described herein. Insome non-limiting embodiments, merchant system 110 may include anacquirer system associated with an acquirer as described herein.

Network 112 may include one or more wired and/or wireless networks. Forexample, network 112 may include a cellular network (e.g., a long-termevolution (LTE) network, a third generation (3G) network, a fourthgeneration (4G) network, a code division multiple access (CDMA) network,etc.), a public land mobile network (PLMN), a local area network (LAN),a wide area network (WAN), a metropolitan area network (MAN), atelephone network (e.g., the public switched telephone network (PSTN)),a private network, an ad hoc network, an intranet, the Internet, a fiberoptic-based network, a cloud computing network, and/or the like, and/ora combination of these or other types of networks.

The number and arrangement of devices and networks shown in FIG. 1 areprovided as an example. There may be additional devices and/or networks,fewer devices and/or networks, different devices and/or networks, ordifferently arranged devices and/or networks than those shown in FIG. 1. Furthermore, two or more devices shown in FIG. 1 may be implementedwithin a single device, or a single device shown in FIG. 1 may beimplemented as multiple, distributed devices. Additionally oralternatively, a set of devices (e.g., one or more devices) ofenvironment 100 may perform one or more functions described as beingperformed by another set of devices of environment 100.

Referring now to FIG. 2 , FIG. 2 is a diagram of example components of adevice 200. Device 200 may correspond to POS device 102, user device104, and/or one or more devices of issuer system 106, one or moredevices of transaction service provider system 108, and/or one or moredevices of merchant system 110. In some non-limiting embodiments, POSdevice 102, user device 104, issuer system 106, transaction serviceprovider system 108, and/or merchant system 110 may include at least onedevice 200 and/or at least one component of device 200. As shown in FIG.2 , device 200 may include bus 202, processor 204, memory 206, storagecomponent 208, input component 210, output component 212, andcommunication interface 214.

Bus 202 may include a component that permits communication among thecomponents of device 200. In some non-limiting embodiments, processor204 may be implemented in hardware, software, or a combination ofhardware and software. For example, processor 204 may include aprocessor (e.g., a central processing unit (CPU), a graphics processingunit (GPU), an accelerated processing unit (APU), etc.), amicroprocessor, a digital signal processor (DSP), and/or any processingcomponent (e.g., a field-programmable gate array (FPGA), anapplication-specific integrated circuit (ASIC), etc.) that can beprogrammed to perform a function. Memory 206 may include random accessmemory (RAM), read only memory (ROM), and/or another type of dynamic orstatic storage device (e.g., flash memory, magnetic memory, opticalmemory, etc.) that stores information and/or instructions for use byprocessor 204.

Storage component 208 may store information and/or software related tothe operation and use of device 200. For example, storage component 208may include a hard disk (e.g., a magnetic disk, an optical disk, amagneto-optic disk, a solid-state disk, etc.), a compact disc (CD), adigital versatile disc (DVD), a floppy disk, a cartridge, a magnetictape, and/or another type of computer-readable medium, along with acorresponding drive.

Input component 210 may include a component that permits device 200 toreceive information, such as via user input (e.g., a touch screendisplay, a keyboard, a keypad, a mouse, a button, a switch, amicrophone, etc.). Additionally or alternatively, input component 210may include a sensor for sensing information (e.g., a global positioningsystem (GPS) component, an accelerometer, a gyroscope, an actuator,etc.). Output component 212 may include a component that provides outputinformation from device 200 (e.g., a display, a speaker, one or morelight-emitting diodes (LEDs), etc.).

Communication interface 214 may include a transceiver-like component(e.g., a transceiver, a separate receiver and transmitter, etc.) thatenables device 200 to communicate with other devices, such as via awired connection, a wireless connection, or a combination of wired andwireless connections. Communication interface 214 may permit device 200to receive information from another device and/or provide information toanother device. For example, communication interface 214 may include anEthernet interface, an optical interface, a coaxial interface, aninfrared interface, a radio frequency (RF) interface, a universal serialbus (USB) interface, a Wi-Fi® interface, a cellular network interface,and/or the like.

Device 200 may perform one or more processes described herein. Device200 may perform these processes based on processor 204 executingsoftware instructions stored by a computer-readable medium, such asmemory 206 and/or storage component 208. A computer-readable medium(e.g., a non-transitory computer-readable medium) is defined herein as anon-transitory memory device. A memory device includes memory spacelocated inside of a single physical storage device or memory spacespread across multiple physical storage devices.

Software instructions may be read into memory 206 and/or storagecomponent 208 from another computer-readable medium or from anotherdevice via communication interface 214. When executed, softwareinstructions stored in memory 206 and/or storage component 208 may causeprocessor 204 to perform one or more processes described herein.Additionally or alternatively, hardwired circuitry may be used in placeof or in combination with software instructions to perform one or moreprocesses described herein. Thus, embodiments described herein are notlimited to any specific combination of hardware circuitry and software.

The number and arrangement of components shown in FIG. 2 are provided asan example. In some non-limiting embodiments, device 200 may includeadditional components, fewer components, different components, ordifferently arranged components than those shown in FIG. 2 .Additionally or alternatively, a set of components (e.g., one or morecomponents) of device 200 may perform one or more functions described asbeing performed by another set of components of device 200.

Referring now to FIG. 3 , FIG. 3 is a flowchart of a non-limitingembodiment of a process 300 for authenticating a customer during apayment transaction based on a biometric identification parameter of thecustomer. In some non-limiting embodiments, one or more of the steps ofprocess 300 may be performed (e.g., completely, partially, etc.) by POSdevice 102 (e.g., one or more devices of POS device 102). In somenon-limiting embodiments, one or more of the steps of process 300 may beperformed (e.g., completely, partially, etc.) by another device or agroup of devices separate from or including POS device 102, such as userdevice 104, issuer system 106 (e.g., one or more devices of issuersystem 106), transaction service provider system 108 (e.g., one or moredevices of transaction service provider system 108), or merchant system110 (e.g., one or more devices of merchant system 110).

As shown in FIG. 3 , at step 302, process 300 includes receiving imagedata associated with an image template for identification of a customer.For example, POS device 102 may receive data associated with conductinga payment transaction that includes the image data associated with theimage template for identification of a customer (e.g., a user, anindividual, and/or the like) via a short-range communication connection(e.g., a Bluetooth® communication connection or a BLE communicationconnection) between user device 104 associated with the customer and POSdevice 102 associated with a merchant. In some non-limiting embodiments,the image template for identification of the customer may include animage of a face of the customer. For example, the image template foridentification of the customer may include an image of the face of thecustomer captured using an image capture device of user device 104associated with the customer.

Additionally or alternatively, the data associated with conducting thepayment transaction may include data associated with an identifier(e.g., a first name, a last name, a first and last name, and/or thelike) of the customer, data associated with a user account identifier(e.g., a username, a user account number, and/or the like) associatedwith a user account of the customer, account identifier data associatedwith an account identifier (e.g., a PAN, the last four digits of a PAN,and/or the like) of an account of the customer, image data associatedwith an image of a payment device (e.g., an image of a design of apayment device, an image of card art of a payment device, and/or thelike) associated with the customer, and/or device identifier dataassociated with a device identifier of user device 104 associated withthe customer. In some non-limiting embodiments, the device identifier ofuser device 104 associated with the customer may be a device identifiergenerated (e.g., by user device 104) via a mobile payment applicationstored on user device 104.

In some non-limiting embodiments, the image data associated with theimage template (e.g., a facial image template) for identification of thecustomer comprises encrypted image data associated with an imagetemplate of the customer. In some non-limiting embodiments, theencrypted image data associated with the image template of the customercomprises data that has been encrypted using a homomorphic encryptionscheme.

In some non-limiting embodiments, user device 104 may store the imagetemplate for identification of the customer, the identifier of thecustomer, the user account identifier of a user account of the customer,the account identifier of the account of the customer, the image of thepayment device associated with the customer, and/or the deviceidentifier of user device 104 on user device 104. In some non-limitingembodiments, user device 104 may store the image template foridentification of the customer, the identifier of the customer, the useraccount identifier of a user account of the customer, the accountidentifier of the account of the customer, the image of the paymentdevice associated with the customer, and/or the device identifier ofuser device 104 on a device remote from user device 104. In somenon-limiting embodiments, user device 104 may store the image templatefor identification of the customer, the identifier of the customer, theuser account identifier of a user account of the customer, the accountidentifier of the account of the customer, the image of the paymentdevice associated with the customer, and/or the device identifier ofuser device 104 on user device 104 via a mobile payment application ofuser device 104.

In another example, the image template for identification of thecustomer, the identifier of the customer, the user account identifier ofa user account of the customer, the account identifier of the account ofthe customer, the image of the payment device associated with thecustomer, and/or the device identifier of user device 104 may be storedon a server associated with transaction service provider system 108 or aserver associated with issuer system 106. In such an example, userdevice 104 may retrieve the image template for identification of thecustomer, the identifier of the customer, the user account identifier ofa user account of the customer, the account identifier of the account ofthe customer, the image of the payment device associated with thecustomer, and/or the device identifier of user device 104 from theserver associated with transaction service provider system 108 or theserver associated with issuer system 106 via a mobile paymentapplication (e.g., a mobile payment application controlled or operatedby an issuer associated with issuer system 106 or a transaction serviceprovider associated with transaction service provider system 108) ofuser device 104.

In some non-limiting embodiments, POS device 102 may store the dataassociated with conducting a payment transaction received from userdevice 104. For example, POS device 102 may store the data associatedwith conducting a payment transaction based on receiving the data fromuser device 104. In some non-limiting embodiments, POS device 102 maystore the image template for identification of the customer, theidentifier of the customer, the user account identifier of a useraccount of the customer, the account identifier of the account of thecustomer, the image of the payment device associated with the customer,and/or the device identifier of user device 104. For example, POS device102 may store the image template for identification of the customer, theidentifier of the customer, the user account identifier of a useraccount of the customer, the account identifier of the account of thecustomer, the image of the payment device associated with the customer,and/or the device identifier of user device 104 based on receiving thedata associated with conducting a payment transaction. In somenon-limiting embodiments, POS device 102 may store the image templatefor identification of the customer, the identifier of the customer, theuser account identifier of a user account of the customer, the accountidentifier of the account of the customer, the image of the paymentdevice associated with the customer, and/or the device identifier ofuser device 104 for a predetermined time period (e.g., a time period ofone minute, a time period of five minutes, a time period of ten minutes,and/or the like). Additionally, after expiration of the predeterminedtime period, POS device 102 may delete the image template foridentification of the customer, the identifier of the customer, the useraccount identifier of a user account of the customer, the accountidentifier of the account of the customer, the image of the paymentdevice associated with the customer, and/or the device identifier ofuser device 104.

In some non-limiting embodiments, POS device 102 may establish ashort-range communication connection with user device 104 associatedwith the customer. For example, POS device 102 may establish theshort-range communication connection with user device 104 when userdevice 104 is within a predetermined distance (e.g., a predeterminedrange for establishing a short-range communication) of POS device 102.In such an example, the predetermined distance may be between 2 metersand 3 meters. In some non-limiting embodiments, the short-rangecommunication connection may be a Bluetooth® communication connection ora BLE communication connection. In some non-limiting embodiments, userdevice 104 may send data associated with conducting a paymenttransaction to POS device 102 via the short-range communicationconnection. For example, user device 104 may send the data associatedwith conducting a payment transaction to POS device 102 when user device104 is within a predetermined distance of POS device 102.

In some non-limiting embodiments, POS device 102 may receive dataassociated with conducting a payment transaction from each of aplurality of user devices 104 associated with a plurality of customers.For example, POS device 102 may receive data associated with conductinga payment transaction from each of the plurality of user devices 104 viaa plurality of short-range communication connections based on theplurality user devices 104 being within a predetermined distance of POSdevice 102.

In some non-limiting embodiments, POS device 102 may display a pluralityof images of the plurality of customers associated with the plurality ofuser devices 104. For example, POS device 102 may display a plurality ofimages of the plurality of customers associated with the plurality ofuser devices 104 on a graphical user interface (GUI) of POS device 102.In some non-limiting embodiments, POS device 102 may display a pluralityof identifiers associated with the customers along with the plurality ofimages of the plurality of customers. In some non-limiting embodiments,POS device 102 may receive a selection of the customer associated withuser device 104 based on input provided by a merchant representativeassociated with POS device 102. In some non-limiting embodiments, POSdevice 102 may automatically select the customer associated with userdevice 104 out of the plurality of user devices. In some non-limitingembodiments, POS device 102 may establish a short-range communicationconnection with user device 104 associated with the customer that wasincluded in the selection.

In some non-limiting embodiments, POS device 102 may send a paymenttransaction notification to user device 104 associated with the customerbased on establishing the short-range communication connection with userdevice 104. In some non-limiting embodiments, the payment transactionnotification may include an identifier of a merchant associated with POSdevice 102 and/or a transaction amount associated with the paymenttransaction. In some non-limiting embodiments, user device 104 mayreceive the payment transaction notification as a push notification.

In some non-limiting embodiments, user device 104 may send dataassociated with conducting a payment transaction to POS device 102 viathe short-range communication connection based on a state of a mobilepayment application of user device 104. For example, user device 104 maysend the data associated with conducting a payment transaction to POSdevice 102 based on the mobile payment application of user device 104being in an activate state. In such an example, user device 104 may sendthe data to POS device 102 only if the mobile payment application ofuser device 104 is in an activate state. Additionally or alternatively,user device 104 may send the data associated with conducting a paymenttransaction to POS device 102 based on a state of short-rangecommunication connection capability of user device 104. For example,user device 104 may send the data associated with conducting a paymenttransaction to POS device 102 based on the short-range communicationconnection capability (e.g., a Bluetooth® communication connectioncapability or a BLE communication connection capability) of user device104 being in an active state. In such an example, user device 104 maysend the data to POS device 102 only if the short-range communicationconnection capability of user device 104 is in an active state.

In some non-limiting embodiments, POS device 102 may receive the dataassociated with conducting a payment transaction based on user device104 sending the data to POS device 102. In some non-limitingembodiments, user device 104 may communicate the data associated withconducting a payment transaction to POS device 102 based on receiving asignal (e.g., a beacon signal) from POS device 102. For example, userdevice 104 may communicate the data to POS device 102 based on receivinga signal from a beacon of POS device 102.

In some non-limiting embodiments, issuer system 106, transaction serviceprovider system 108, and/or merchant system 110 may receive the dataassociated with conducting a payment transaction from POS device 102.For example, issuer system 106, transaction service provider system 108,and/or merchant system 110 may receive the data from POS device 102after user device 104 associated with the customer communicates the datato POS device 102.

In some non-limiting embodiments, user device 104 may receive enrollmentdata associated with an enrollment request to enroll the customer in amobile payment application. For example, user device 104 may receivedata associated with conducting a payment transaction to enroll thecustomer in the mobile payment application. In some non-limitingembodiments, issuer system 106 and/or transaction service providersystem 108 may receive the data associated with conducting a paymenttransaction from user device 104 based on the enrollment request. Issuersystem 106 and/or transaction service provider system 108 may create auser account associated with the customer based on receiving the dataassociated with conducting a payment transaction and store the data inthe user account associated with the customer.

In some non-limiting embodiments, user device 104 may display a promptfor the customer associated with user device 104 to provide enrollmentdata associated with an enrollment request to enroll the customer in themobile payment application when the user device 104 is within apredetermined distance of POS device 102. In some non-limitingembodiments, user device 104 may download the mobile payment applicationand user device 104 may display the prompt for the customer associatedwith user device 104 to provide the enrollment data associated with theenrollment request based on downloading the mobile payment application.

In some non-limiting embodiments, POS device 102 may determine whetherthe data associated with conducting a payment transaction is received byPOS device 102. For example, POS device 102 may determine whether imagedata associated with the image template for identification of thecustomer, data associated with an identifier of the customer, image dataassociated with an image template for identification of the customer,account identifier data associated with an account identifier of anaccount of the customer, and/or device identifier data associated with adevice identifier of user device 104 associated with the customer isreceived by POS device 102 within a predetermined time period after theshort-range communication connection is established. If POS device 102determines that the data associated with conducting a paymenttransaction is not received by POS device 102, POS device 102 may send amessage to user device 104 that includes an indication that the dataassociated with conducting a payment transaction has not been receivedfrom user device 104.

As further shown in FIG. 3 , at step 304, process 300 includes receivingimage data associated with an image of a biometric identificationparameter of the customer during a payment transaction. For example, POSdevice 102 may receive image data associated with an image of abiometric identification parameter of the customer during a paymenttransaction. In some non-limiting embodiments, the image of thebiometric identification parameter of the customer may include an imageof a face of the customer (e.g., an image of an entire face of thecustomer, an image of a portion of a face of the customer, and/or thelike), an image of a feature of the face (e.g., a nose of the face, aneye of the face, and/or the like) of the customer, and/or the like.

In some non-limiting embodiments, POS device 102 may cause an image ofthe biometric identification parameter of the customer to be capturedvia an image capture device. For example, POS device 102 may cause theimage of the biometric identification parameter of the customer to becaptured via the image capture device during the payment transaction. Insome non-limiting embodiments, POS device 102 may receive the image ofthe biometric identification parameter of the customer from the imagecapture device. For example, POS device 102 may receive the image dataassociated with the image of the biometric identification parameter ofthe customer from the image capture device after the image capturedevice captures the image of the biometric identification parameter.

In some non-limiting embodiments, POS device 102 may establish ashort-range communication connection with user device 104 associatedwith the customer based on POS device 102 receiving the image dataassociated with the image of the biometric identification parameter ofthe customer during the payment transaction. For example, POS device 102may establish the short-range communication connection with user device104 when user device 104 is within a predetermined distance of POSdevice 102 after POS device 102 receives the image data associated withthe image of the biometric identification parameter of the customer. Insome non-limiting embodiments, user device 104 may send data associatedwith conducting the payment transaction to POS device 102 via theshort-range communication connection based on establishing theshort-range communication connection.

In some non-limiting embodiments, POS device 102 may receive dataassociated with conducting a payment transaction from each of aplurality of user devices 104 associated with a plurality of customersafter POS device 102 receives the image data associated with the imageof the biometric identification parameter of the customer. For example,POS device 102 may receive the data associated with conducting a paymenttransaction from each of the plurality user devices 104 via a pluralityof short-range communication connections between POS device 102 and userdevices 104 based on the plurality user devices 104 being within apredetermined distance of POS device 102 after POS device 102 receivesthe image data associated with the image of the biometric identificationparameter of the customer.

In some non-limiting embodiments, POS device 102 may display a pluralityof images of the plurality of customers associated with the plurality ofuser devices 104 based on the data associated with conducting a paymenttransaction that is received by POS device 102 from each of theplurality of user devices 104 associated with the plurality ofcustomers. For example, POS device 102 may display the plurality ofimages of the plurality of customers associated with the plurality ofuser devices 104 on a graphical user interface (GUI) of POS device 102.In some non-limiting embodiments, POS device 102 may display a pluralityof identifiers associated with the customers along with the plurality ofimages of the plurality of customers. In some non-limiting embodiments,POS device 102 may receive a selection of the customer associated withuser device 104 based on input provided by a merchant representativeassociated with POS device 102. In some non-limiting embodiments, POSdevice 102 may automatically select the customer associated with userdevice 104 out of the plurality of user devices. In some non-limitingembodiments, POS device 102 may establish a short-range communicationconnection with user device 104 associated with the customer that wasincluded in the selection.

As further shown in FIG. 3 , at step 306, process 300 includesauthenticating an identity of the customer for the payment transactionbased on the image of the biometric identification parameter of thecustomer. For example, POS device 102 may authenticate the identity ofthe customer for the payment transaction based on the image of thebiometric identification parameter of the customer. In some non-limitingembodiments, POS device 102 may determine whether the image of thebiometric identification parameter of the customer corresponds toidentity data associated with the identity of the customer. For example,POS device 102 may determine whether the image of the biometricidentification parameter of the customer corresponds to an imagetemplate for identification of the customer. In such an example, POSdevice 102 may determine whether an image of a face of the customercorresponds to a facial image template of the customer. In somenon-limiting embodiments, POS device 102 may determine whether the imageof the biometric identification parameter of the customer corresponds toan image template for identification of the customer using machinelearning techniques and/or template matching techniques.

In some non-limiting embodiments, POS device 102 may authenticate theidentity of the customer for the payment transaction based onhomomorphic encryption. As used herein, the term “Homomorphicencryption” is intended to refer to a form of encryption that allowscomputational operations on ciphertext. In some non-limitingembodiments, such a computational operation may include generating anencrypted result by performing computational operations on encryptedinformation (e.g., ciphertext) so that when the encrypted result of thecomputational operations is decrypted, the decrypted result matches aresult of the computational operations as if the computationaloperations had been performed on plaintext associated with ciphertext(e.g., the plaintext that was used to produce the ciphertext). Thus, oneor more encrypted templates and/or one or more encrypted images (e.g.,one or more templates for identification of a customer that have beenencrypted, one or more images of a biometric identification parameter ofa customer that have been encrypted, and/or the like) may be used togenerate an encrypted result, that when decrypted, matches the result ofoperations as if the operations had been performed on one or moreunencrypted templates. Accordingly, encrypted results may be passedbetween devices and/or software applications (e.g., mobile applications)being run on one or more devices and a device that receives theencrypted results may decrypt the encrypted results and use theencrypted results and/or decrypted results for authenticating anidentity of a customer as described herein. Examples of homomorphicencryption are disclosed in International Patent Application No.PCT/US2016/058880, filed on Oct. 26, 2016, and International PatentApplication No. PCT/US2017/024099, filed on Mar. 24, 2017, each of whichis incorporated by reference herein. In some non-limiting embodiments,the techniques discussed herein that involve homomorphic encryption maybe performed in combination with techniques that involve establishing ashort-range communication connection and communicating information viathe short-range communication connection. In other non-limitingembodiments, the techniques discussed herein that involve homomorphicencryption may be performed without performing the techniques thatinvolve establishing a short-range communication connection andcommunicating information via the short-range communication connection.

In some non-limiting embodiments, POS device 102 may determine whetherthe image of the biometric identification parameter of the customercorresponds to the image template for identification of the customer bycomparing the image of the biometric identification parameter of thecustomer to the image template for identification of the customer. Inone example, POS device 102 may receive device identifier dataassociated with a device identifier of user device 104 associated withthe customer after receiving image data associated with the image of thebiometric identification parameter of the customer. POS device 102 mayretrieve the image template for identification of the customer from adata structure (e.g., a data structure of POS device 102, a datastructure of transaction service provider system 108, and/or the like)based on the device identifier of user device 104. POS device maycompare the image template for identification of the customer to theimage of the biometric identification parameter of the customer based onretrieving the image template.

In some non-limiting embodiments, if POS device 102 determines that theimage of the biometric identification parameter of the customercorresponds to the identity data associated with the identity of thecustomer, POS device 102 may authenticate the identity of the customer.For example, if POS device 102 determines that the image of thebiometric identification parameter of the customer corresponds to theimage template for identification of the customer, POS device 102 mayauthenticate the identity of the customer. In some non-limitingembodiments, if POS device 102 determines that the image of thebiometric identification parameter of the customer does not correspondto the identity data associated with the identity of the customer, POSdevice 102 may not authenticate the identity of the customer. Forexample, if POS device 102 determines that the image of the biometricidentification parameter of the customer does not correspond to theimage template for identification of the customer, POS device 102 maynot authenticate the identity of the customer.

In some non-limiting embodiments, POS device 102 may establish ashort-range communication connection (e.g., a second short-rangecommunication connection established after a first short-rangecommunication connection via which image data associated with an imagetemplate for identification of a customer was received by POS device102) with user device 104 associated with the customer during a paymenttransaction between the customer and a merchant. In some non-limitingembodiments, POS device 102 may authenticate the identity of thecustomer for the payment transaction based on the image of the biometricidentification parameter of the customer via the short-rangecommunication connection.

In some non-limiting embodiments, POS device 102 may receive accountidentifier data associated with an account identifier of an account ofthe customer, image data associated with an image of a payment device,and/or transaction code data associated with a transaction code (e.g., atransaction code associated with a card-present payment transaction) forthe payment transaction between the customer and the merchant based onPOS device 102 authenticating the identity of the customer associatedwith user device 104. For example, POS device 102 may receive image dataassociated with an image of a payment device associated with thecustomer, a token associated with an account of the customer, and/or acryptogram from user device 104.

In some non-limiting embodiments, POS device 102 may authenticate theidentity of the customer based on a response (e.g., a paymenttransaction notification response) to a payment transaction notificationreceived from user device 104 associated with the customer. For example,POS device 102 may send a payment transaction notification to userdevice 104 associated with the customer based on establishing theshort-range communication connection with user device 104. User device104 may receive the payment transaction notification and user device 104may display the payment transaction notification. User device 104 mayreceive an input provided by the customer as the response to the paymenttransaction notification. The input may include an authenticationparameter. In some non-limiting embodiments, the authenticationparameter may include a personal identification number (PIN).Additionally or alternatively, the authentication parameter may includea biometric authentication parameter such as a fingerprint of thecustomer.

In some non-limiting embodiments, POS device 102 may determine whetherthe image of the biometric identification parameter of a customercorresponds to an image template for identification of the customer bycomparing the image of the biometric identification parameter of thecustomer to each of a plurality of image templates for identification ofa customer. For example, POS device 102 may receive a plurality of imagetemplates for identification of a customer from a plurality of userdevices 104 associated with a plurality of customers. After receivingthe plurality of image templates, POS device 102 may receive the imageof the biometric identification parameter of the customer. POS device102 may compare the image of the biometric identification parameter ofthe customer to each of the plurality of image templates to determinewhether the image of the biometric identification parameter of thecustomer corresponds to the image template for identification of thecustomer. In some non-limiting embodiments, POS device 102 mayauthenticate the identity of the customer based on determining that thebiometric identification parameter of the customer best corresponds tothe image template for identification of the customer out of theplurality of image templates.

As further shown in FIG. 3 , at step 308, process 300 includesdetermining an account of the customer for the payment transaction. Forexample, POS device 102 may determine the account of the customer forprocessing of the payment transaction. In some non-limiting embodiments,POS device 102 may determine an account identifier of the account of thecustomer for processing of the payment transaction. For example, POSdevice 102 may display an image of a payment device associated with thecustomer. POS device 102 may receive an indication that the customerauthorizes the use of an account associated with the payment device. POSdevice 102 may determine an account identifier (e.g., a PAN, a token,and/or the like) of the account associated with the payment device basedon receiving the indication that the customer authorizes the use of theaccount associated with the payment device for the payment transaction.

In some non-limiting embodiments, POS device 102 may determine theaccount of the customer for processing of the payment transaction basedon receiving account identifier data associated with an accountidentifier of the account of the customer. For example, POS device 102may determine the account of the customer for processing of the paymenttransaction based on receiving account identifier data associated withan account identifier of the account of the customer from user device104 associated with the customer. In some non-limiting embodiments, POSdevice 102 may determine the account of the customer for processing ofthe payment transaction based on retrieving account identifier dataassociated with the account identifier of the account of the customerfrom a data structure associated with POS device 102.

In some non-limiting embodiments, POS device 102 may display the imageof the payment device associated with the customer based on receivingthe image data associated with the image of the payment device from userdevice 104 associated with the customer. Additionally or alternatively,POS device 102 may display a transaction amount of the paymenttransaction. For example, POS device 102 may display the transactionamount of the payment transaction based on POS device 102 scanning aplurality of products involved in the payment transaction.

In some non-limiting embodiments, POS device 102 may receiveauthorization data associated with an indication that the customerauthorizes the payment transaction. For example, POS device 102 mayreceive authorization data associated with an indication that thecustomer authorizes the payment transaction involving an accountassociated with a payment device of the customer after POS device 102displays an image of a payment device associated with the customer. Insome non-limiting embodiments, POS device 102 may receive theauthorization data from user device 104, issuer system 106, transactionservice provider system 108, and/or merchant system 110. In somenon-limiting embodiments, the authorization data may include anindication that the customer authorizes the payment transaction based ona transaction amount of the payment transaction. For example, theauthorization data may include an indication that the customerauthorizes the payment transaction based on a threshold value of atransaction amount of the payment transaction.

In some non-limiting embodiments, POS device 102 may receive theauthorization data associated with the indication that the customerauthorizes the payment transaction. For example, POS device 102 mayreceive the authorization data from merchant system 110 based onreceiving a user input from the GUI screen of POS device 102. In such anexample, the GUI screen may include a plurality of user interfaceelements and the user input may be received based on the customerinteracting with one or more of the user interface elements. In somenon-limiting embodiments, POS device 102 may communicate theauthorization data to issuer system 106, transaction service providersystem 108, and/or merchant system 110 based on receiving theauthorization data.

In some non-limiting embodiments, POS device 102 may receive theauthorization data associated with the indication that the customerauthorizes the payment transaction before, during, and/or after POSdevice 102 determines an identity of a customer. In some non-limitingembodiments, POS device 102 may receive the authorization dataassociated with the indication that the customer authorizes the paymenttransaction before, during, and/or after POS device 102 receivesidentity data associated with an identity of the customer (e.g., imagedata associated with an image template for identification of thecustomer).

In some non-limiting embodiments, POS device 102 may display an imageassociated with a payment device. For example, POS device 102 maydisplay an image associated with a payment device based on determiningthe account identifier of the account of the customer. In somenon-limiting embodiments, the payment device is associated with theaccount identifier of the account of the customer. In some non-limitingembodiments, POS device 102 may receive an indication that the accountidentifier of the account of the customer is to be used duringprocessing of the payment transaction. For example, POS device 102 mayreceive the indication after displaying the image associated with thepayment device.

As further shown in FIG. 3 , at step 310, process 300 includesprocessing the payment transaction using the account of the customer.For example, POS device 102 may process the payment transaction usingthe account of the customer based on POS device 102 determining theaccount of the customer for processing the payment transaction. In somenon-limiting embodiments, POS device 102 may generate an authorizationrequest message for the payment transaction and send the authorizationrequest message to issuer system 106, transaction service providersystem 108, and/or merchant system 110. The authorization requestmessage may include a request to the issuer that issued the account ofthe customer involved in the payment transaction, to authorize thepayment transaction. In some non-limiting embodiments, POS device 102may receive an authorization response message from issuer system 106,transaction service provider system 108, and/or merchant system 110. Theauthorization response message may include a response indicating whetherthe issuer that issued the account of the customer involved in thepayment transaction, authorized the payment transaction.

In some non-limiting embodiments, POS device 102 may determine whetherto process the payment transaction based on a response (e.g., a paymenttransaction notification response) to a payment transaction notificationreceived from user device 104 associated with the customer. For example,POS device 102 may send a payment transaction notification to userdevice 104 associated with the customer based on establishing theshort-range communication connection with user device 104. User device104 may receive the payment transaction notification and user device 104may display the payment transaction notification. User device 104 mayreceive an input provided by the customer as the response to the paymenttransaction notification. If POS device 102 determines that the inputprovided by the customer as the response to the payment transactionnotification includes an authentication parameter (e.g., an indicationthat the account identifier of the account of the customer is to be usedduring processing of the payment transaction), POS device 102 maydetermine to process the payment transaction involving the customer. IfPOS device 102 determines that the input provided by the customer as theresponse to the payment transaction notification does not include anauthentication parameter, POS device 102 may determine not to processthe payment transaction involving the customer. In some non-limitingembodiments, if POS device 102 determines that the input was notprovided by the customer as the response to the payment transactionnotification (e.g., within a predetermined time period), POS device 102may determine not to process the payment transaction involving thecustomer.

In some non-limiting embodiments, POS device 102 may send a paymenttransaction authorization request message to user device 104 associatedwith the customer. For example, POS device 102 may send a paymenttransaction authorization request message to user device 104 based onauthenticating an identity of the customer for a payment transactionand/or determining an account of the customer for the paymenttransaction. In some non-limiting embodiments, the payment transactionauthorization request message comprises a transaction amount of thepayment transaction. In some non-limiting embodiments, POS device 102may receive a payment transaction authorization response message fromuser device 104 associated with the customer. In some non-limitingembodiments, the payment transaction authorization request messagecomprises authorization data associated with an indication that thecustomer authorizes the transaction amount of the payment transaction.In some non-limiting embodiments, POS device 102 may process the paymenttransaction using the account of the customer based on receiving thepayment transaction authorization request message. For example, POSdevice 102 may receive the payment transaction authorization requestmessage and POS device 102 may determine that the payment transactionauthorization request message includes authorization data associatedwith an indication that the customer authorizes the transaction amountof the payment transaction. POS device 102 may process the paymenttransaction based on the authorization data.

Referring now to FIG. 4 , FIG. 4 is a sequence diagram of a non-limitingembodiment of a process 400 for authenticating a customer during apayment transaction based on a biometric identification parameter of thecustomer. As shown, one or more of the steps of process 400 areperformed (e.g., completely, partially, and/or the like) by POS device102 and user device 104. Additionally or alternatively, one or more ofthe steps of process 400 may be performed (e.g., completely, partially,and/or the like) by another device or a group of devices separate fromor including POS device 102 and user device 104, such as for example,one or more devices of issuer system 106, transaction service providersystem 108, and/or merchant system 110.

As shown in FIG. 4 , at step s1, POS device 102 may establish a firstshort-range communication connection with user device 104 associatedwith a customer. In some non-limiting embodiments, the first short-rangecommunication connection may be a Bluetooth® communication connection orBLE communication connection. At step s2, user device 104 may send dataassociated with conducting a payment transaction via the firstshort-range communication connection. In some non-limiting embodiments,the data associated with conducting a payment transaction includes imagedata associated with the image template for identification of thecustomer, data associated with an identifier of the customer, dataassociated with a user account identifier for a user account of thecustomer, account identifier data associated with an account identifierof an account of the customer, image data associated with an image of apayment device associated with the customer, and/or device identifierdata associated with a device identifier of user device 104 associatedwith the customer.

As further shown in FIG. 4 , at step s3, POS device 102 may receive dataassociated with a payment transaction involving the customer. Forexample, POS device 102 may receive data associated with one or moreproducts involved in the payment transaction based on POS device 102scanning one or more packages of the one or more products via a scanningdevice associated with POS device 102. At step s4, POS device 102 mayreceive image data associated with an image of a biometricidentification parameter of the customer during the payment transaction.In some non-limiting embodiments, POS device 102 may receive the imagedata associated with the image of the biometric identification parameterof the customer based on causing the image of at least a portion of theface of the customer to be captured via an image capture device and POSdevice 102 may receive the image of at least a portion of the face ofthe customer from the image capture device.

As further shown in FIG. 4 , at step s5, POS device 102 may establish asecond short-range communication connection with user device 104associated with the customer. In some non-limiting embodiments, thesecond short-range communication connection may be a Bluetooth®communication connection or a BLE communication connection. At step s6,POS device 102 may authenticate the identity of the customer for thepayment transaction based on the image of the biometric identificationparameter of the customer. For example, POS device 102 may determinewhether the image of the biometric identification parameter of thecustomer corresponds to the image template for identification of thecustomer.

As further shown in FIG. 4 , at step s7, POS device 102 may determine anaccount of the customer to be used during processing of the paymenttransaction. At step s8, POS device 102 may process the paymenttransaction using the account of the customer. At step s9, POS device102 may send a transaction confirmation message to user device 104associated with the customer. In some non-limiting embodiments, thetransaction confirmation message may include an indication that thepayment transaction involving the customer was processed based onprocessing the payment transaction.

Although the present disclosure has been described in detail for thepurpose of illustration based on what is currently considered to be themost practical and preferred embodiments, it is to be understood thatsuch detail is solely for that purpose and that the disclosure is notlimited to the disclosed embodiments, but, on the contrary, is intendedto cover modifications and equivalent arrangements that are within thespirit and scope of the appended claims. For example, it is to beunderstood that the present disclosure contemplates that, to the extentpossible, one or more features of any embodiment can be combined withone or more features of any other embodiment.

What is claimed is:
 1. A computer-implemented method, comprising:generating device identifier data via a mobile application of a userdevice of a customer; generating image template data via the mobileapplication of the user device of the customer; storing the deviceidentifier data and the image template data on the user device of thecustomer via the mobile application; receiving, with at least oneprocessor, the device identifier data and the image template data fromthe user device; storing, with at least one processor, the deviceidentifier data and the image template data in a data structure for atime period; causing, with at least one processor, an image of thecustomer to be captured via an image capture device during a paymenttransaction between the customer and a merchant; receiving, with atleast one processor, the device identifier data from the user device;retrieving, with at least one processor, an image template from the datastructure based on the device identifier data; determining, with atleast one processor, whether the image corresponds to the imagetemplate; determining, with at least one processor, an accountidentifier of the customer based on determining that the imagecorresponds to the image template; and deleting, with at least oneprocessor, the device identifier data and the image template from thedata structure after expiration of the time period.
 2. Thecomputer-implemented method according to claim 1, wherein the deviceidentifier data is first device identifier data, and the method furthercomprises: receiving the image during the payment transaction betweenthe customer and the merchant; establishing a short-range communicationconnection between the user device and a point-of-sale (POS) deviceassociated with the merchant during the payment transaction between thecustomer and the merchant; receiving second device identifier data fromthe user device via the short-range communication connection; anddetermining that the first device identifier data corresponds to thesecond device identifier data.
 3. The computer-implemented methodaccording to claim 2, wherein establishing the short-range communicationconnection between the user device and the POS device comprises:establishing the short-range communication connection between the userdevice and the POS device based on the user device being within apredetermined distance of the POS device.
 4. The computer-implementedmethod according to claim 1, further comprising: displaying an imageassociated with a payment device, wherein the payment device isassociated with the account identifier of the customer; and receiving anindication that the account identifier of the customer is to be usedduring processing of the payment transaction after displaying the imageassociated with the payment device.
 5. The computer-implemented methodaccording to claim 4, further comprising: processing the paymenttransaction using the account identifier of the customer based onreceiving the indication that the account identifier of the customer isto be used during processing of the payment transaction.
 6. Thecomputer-implemented method according to claim 1, further comprising:sending a payment transaction authorization request message to the userdevice; and receiving a payment transaction authorization responsemessage from the user device.
 7. The computer-implemented methodaccording to claim 1, wherein causing the image to be captured via theimage capture device comprises: causing an image of at least a portionof a face of the customer to be captured via the image capture device,wherein receiving the image comprises: receiving the image of at least aportion of the face of the customer from the image capture device at apoint-of-sale (POS) device associated with the merchant.
 8. Thecomputer-implemented method according to claim 1, wherein the imagetemplate comprises encrypted facial image template data, and thecomputer-implemented method further comprises: receiving the encryptedfacial image template data from the user device, wherein the encryptedfacial image template data comprises data that has been encrypted usinga homomorphic encryption scheme.
 9. A system, comprising: at least oneprocessor programmed or configured to: generate device identifier datavia a mobile application of a user device of a customer; generate imagetemplate data via the mobile application of the user device of thecustomer; storing the device identifier data and the image template dataon the user device of the customer via the mobile application; receivethe device identifier data and the image template data from the userdevice; store the device identifier data and the image template data ina data structure for a time period; cause an image of the customer to becaptured via an image capture device during a payment transactionbetween the customer and a merchant; receive the device identifier datafrom the user device; retrieve an image template from the data structurebased on the device identifier data; determine whether the imagecorresponds to the image template; determine an account identifier ofthe customer based on determining that the image corresponds to theimage template; and delete the device identifier data and the imagetemplate from the data structure after expiration of the time period.10. The system according to claim 9, wherein the at least one processoris at least one processor of a point-of-sale (POS) device associatedwith the merchant.
 11. The system according to claim 9, wherein thedevice identifier data is first device identifier data, and wherein theat least one processor is further programmed or configured to: receivethe image during the payment transaction between the customer and themerchant; establish a short-range communication connection between theuser device and a point-of-sale (POS) device associated with themerchant during the payment transaction between the customer and themerchant; receive second device identifier data from the user device viathe short-range communication connection; and determine that the firstdevice identifier data corresponds to the second device identifier data.12. The system according to claim 11, wherein, when establishing theshort-range communication connection between the user device and the POSdevice, the at least one processor is programmed or configured to:establish the short-range communication connection between the userdevice and the POS device based on the user device being within apredetermined distance of the POS device.
 13. The system according toclaim 9, wherein the at least one processor is further programmed orconfigured to: display an image associated with a payment device,wherein the payment device is associated with the account identifier ofthe customer; and receiving an indication that the account identifier ofthe customer is to be used during processing of the payment transactionafter displaying the image associated with the payment device.
 14. Thesystem according to claim 13, wherein the at least one processor isfurther programmed or configured to: process the payment transactionusing the account identifier of the customer based on receiving theindication that the account identifier of the customer is to be usedduring processing of the payment transaction.
 15. The system accordingto claim 9, wherein the image template comprises encrypted dataassociated with a facial image template of the customer, and wherein,the at least one processor is further programmed or configured to:receive the encrypted data associated with the facial image templatefrom the user device, wherein the encrypted data associated with thefacial image template comprises data that has been encrypted using ahomomorphic encryption scheme.
 16. A computer program product, thecomputer program product comprising at least one non-transitorycomputer-readable medium including one or more instructions that, whenexecuted by at least one processor, cause the at least one processor to:generate device identifier data via a mobile application of a userdevice of a customer; generate image template data via the mobileapplication of the user device of the customer; storing the deviceidentifier data and the image template data on the user device of thecustomer via the mobile application; receive the device identifier dataand the image template data from the user device; store the deviceidentifier data and the image template data in a data structure for atime period; cause an image of the customer to be captured via an imagecapture device during a payment transaction between the customer and amerchant; receive the device identifier data from the user device;retrieve an image template from the data structure based on the deviceidentifier data; determine whether the image corresponds to the imagetemplate; determine an account identifier of the customer based ondetermining that the image corresponds to the image template; and deletethe device identifier data and the image template from the datastructure after expiration of the time period.
 17. The computer programproduct according to claim 16, wherein the device identifier data isfirst device identifier data, and wherein the one or more instructionsfurther cause the at least one processor to: receive the image duringthe payment transaction between the customer and the merchant; establisha short-range communication connection between the user device and apoint-of-sale (POS) device associated with the merchant during thepayment transaction between the customer and the merchant; receivesecond device identifier data from the user device via the short-rangecommunication connection; and determine that the first device identifierdata corresponds to the second device identifier data.
 18. The computerprogram product according to claim 17, wherein, the one or moreinstructions that cause the at least one processor to establish theshort-range communication connection between the user device and the POSdevice, cause the at least one processor to: establish the short-rangecommunication connection between the user device and the POS devicebased on the user device being within a predetermined distance of thePOS device.
 19. The computer program product according to claim 16,wherein, the one or more instructions that cause the at least oneprocessor to cause the image of the customer to be captured via theimage capture device, cause the at least one processor to: cause animage of at least a portion of a face of the customer to be captured viathe image capture device; wherein, the one or more instructions thatcause the at least one processor to receive the image of the customer,cause the at least one processor to: receive the image of at least aportion of the face of the customer from the image capture device. 20.The computer program product according to claim 16, wherein the imagetemplate comprises encrypted data associated with a facial imagetemplate of the customer, and wherein the one or more instructionsfurther cause the at least one processor to: receive the encrypted dataassociated with the facial image template from the user device, whereinthe encrypted data associated with the facial image template comprisesdata that has been encrypted using a homomorphic encryption scheme.